Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e37302e302f32342d3234203d3e20313336373837.roa
File: 3139332e34332e37302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: kk+uKit4EogV5VdZIXQ7jzLvCu8mZ37l+jjK7ecLMH8=
Subject key identifier: 3D:0C:1E:99:F4:1B:1F:7C:8E:54:E0:0D:F4:7E:D6:A6:52:B6:27:81
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 5FCD526AC884769D7B42845FB3A6010712EAA096
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e37302e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 03 Apr 2024 19:03:26 +0000
ROA not before: Wed 03 Apr 2024 18:58:26 +0000
ROA not after: Wed 02 Apr 2025 19:03:26 +0000
asID: 136787
IP address blocks: 193.43.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:cd:52:6a:c8:84:76:9d:7b:42:84:5f:b3:a6:01:07:12:ea:a0:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 3 18:58:26 2024 GMT
Not After : Apr 2 19:03:26 2025 GMT
Subject: CN=3D0C1E99F41B1F7C8E54E00DF47ED6A652B62781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c5:73:7b:97:4a:9a:d8:e4:7e:2c:7d:00:6b:
69:64:64:b7:05:36:8a:d6:3b:0f:7c:1d:24:eb:4b:
67:50:e6:59:45:e9:cc:55:bd:43:ad:43:1e:19:4b:
07:26:21:8e:67:6d:30:93:04:f6:f5:d8:14:b3:58:
6d:ef:c5:42:3c:3d:ee:bd:aa:24:d4:40:41:42:76:
94:ff:d2:06:4f:08:94:0e:ca:37:3d:fc:db:74:12:
83:7f:c7:d8:c0:8c:91:1d:2f:21:1d:a8:2a:8a:7f:
74:96:73:82:99:84:fc:c6:89:fe:d1:5f:48:0a:52:
15:18:0c:ae:35:2f:23:9f:e2:4e:9f:1c:b6:e2:1c:
db:6e:dc:46:cf:30:06:74:3f:70:48:46:e7:5a:08:
b5:9d:19:8e:32:48:08:81:d4:f0:04:f2:3b:8b:60:
07:92:06:5c:aa:c1:bd:a3:7d:f3:16:9b:af:23:78:
10:a4:72:f1:2c:67:5f:3a:98:a7:c4:f8:2a:96:c2:
91:d0:80:9e:10:fc:86:be:12:9f:d5:b0:cf:20:99:
c2:6a:80:5c:63:fa:36:42:c3:22:c7:86:6d:36:95:
8f:a4:57:89:96:5c:88:2c:b1:e2:b8:41:c6:51:63:
72:1d:63:a3:dc:9e:df:6e:65:43:2b:c9:4c:e6:75:
88:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0C:1E:99:F4:1B:1F:7C:8E:54:E0:0D:F4:7E:D6:A6:52:B6:27:81
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e37302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.70.0/24
Signature Algorithm: sha256WithRSAEncryption
79:c8:eb:e4:a9:7c:07:c8:15:54:e8:be:61:2a:07:5c:42:c5:
62:a4:28:b3:ca:8c:57:4f:31:5a:28:be:23:94:99:78:b8:c3:
80:64:21:15:b8:9e:d4:86:8e:d5:67:f2:e1:ac:4f:fc:69:ee:
e6:4d:e5:1e:25:99:01:5d:22:77:77:55:79:a9:d3:cf:6f:24:
33:30:b6:d0:99:ac:5a:ac:30:59:3b:91:a3:a0:6e:95:a8:02:
60:37:3c:b4:91:c9:94:d4:69:08:24:1a:8b:cf:83:12:70:97:
98:a4:d1:3f:08:45:87:a4:18:83:c1:73:4a:58:d6:c5:aa:17:
fc:ac:6a:49:61:98:22:fb:22:16:01:8f:51:16:5a:ad:f2:9d:
bb:5b:0e:1d:26:a8:5b:4b:d6:cb:9f:af:ef:75:8d:08:bb:dc:
0e:6f:e2:ff:ba:83:5e:ce:d1:e5:0f:b8:ef:9f:43:a3:3f:85:
45:83:b9:9d:b1:42:d2:a3:98:a5:bc:77:ff:53:2d:7d:42:6f:
b6:c4:d1:3c:3d:0b:53:bd:40:61:c1:c5:6a:7b:57:21:1d:e2:
52:bc:34:59:96:d5:4e:36:e1:98:cb:c6:c2:c4:15:30:b1:f1:
81:e9:d3:da:48:fd:cf:8a:31:04:ce:2b:22:57:95:9f:bf:d6:
f7:be:d5:f3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUX81SasiEdp17QoRfs6YBBxLqoJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDA0MDMxODU4MjZaFw0yNTA0MDIxOTAzMjZaMDMxMTAvBgNV
BAMTKDNEMEMxRTk5RjQxQjFGN0M4RTU0RTAwREY0N0VENkE2NTJCNjI3ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3xXN7l0qa2OR+LH0Aa2lkZLcF
NorWOw98HSTrS2dQ5llF6cxVvUOtQx4ZSwcmIY5nbTCTBPb12BSzWG3vxUI8Pe69
qiTUQEFCdpT/0gZPCJQOyjc9/Nt0EoN/x9jAjJEdLyEdqCqKf3SWc4KZhPzGif7R
X0gKUhUYDK41LyOf4k6fHLbiHNtu3EbPMAZ0P3BIRudaCLWdGY4ySAiB1PAE8juL
YAeSBlyqwb2jffMWm68jeBCkcvEsZ186mKfE+CqWwpHQgJ4Q/Ia+Ep/VsM8gmcJq
gFxj+jZCwyLHhm02lY+kV4mWXIgsseK4QcZRY3IdY6Pcnt9uZUMryUzmdYhZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPQwemfQbH3yOVOAN9H7WplK2J4EwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzNDMzMmUzNzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wStGMA0GCSqGSIb3DQEBCwUAA4IBAQB5yOvkqXwHyBVU6L5hKgdcQsVipCizyoxX
TzFaKL4jlJl4uMOAZCEVuJ7Uho7VZ/LhrE/8ae7mTeUeJZkBXSJ3d1V5qdPPbyQz
MLbQmaxarDBZO5GjoG6VqAJgNzy0kcmU1GkIJBqLz4MScJeYpNE/CEWHpBiDwXNK
WNbFqhf8rGpJYZgi+yIWAY9RFlqt8p27Ww4dJqhbS9bLn6/vdY0Iu9wOb+L/uoNe
ztHlD7jvn0OjP4VFg7mdsULSo5ilvHf/Uy19Qm+2xNE8PQtTvUBhwcVqe1chHeJS
vDRZltVONuGYy8bCxBUwsfGB6dPaSP3PijEEzisiV5Wfv9b3vtXz
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:25 2024 by rpki-client on console-fra.rpki-client.org